Added bootloader endpoint, fixed c code to be able to be included into pyinstaller

VakarisZ 2020-01-17 12:02:18 +02:00
parent 4e150ea922
commit c8618e91cd
5 changed files with 157 additions and 80 deletions


@ -1,80 +0,0 @@
#include <stdio.h> /* printf, sprintf */
#include <stdlib.h> /* exit */
#include <unistd.h> /* read, write, close */
#include <string.h> /* memcpy, memset */
#include <sys/socket.h> /* socket, connect */
#include <netinet/in.h> /* struct sockaddr_in, struct sockaddr */
#include <netdb.h> /* struct hostent, gethostbyname */
void error(const char *msg) { perror(msg); exit(0); }
int main(int argc,char *argv[])
{
/* first what are we going to send and where are we going to send it? */
int portno = 5000;
char *host = "api.somesite.com";
char *message_fmt = "POST /apikey=%s&command=%s HTTP/1.0\r\n\r\n";
struct hostent *server;
struct sockaddr_in serv_addr;
int sockfd, bytes, sent, received, total;
char message[1024],response[4096];
/* fill in the parameters */
sprintf(message,message_fmt,argv[1],argv[2]);
printf("Request:\n%s\n",message);
/* create the socket */
sockfd = socket(AF_INET, SOCK_STREAM, 0);
if (sockfd < 0) error("ERROR opening socket");
/* lookup the ip address */
server = gethostbyname(host);
if (server == NULL) error("ERROR, no such host");
/* fill in the structure */
memset(&serv_addr,0,sizeof(serv_addr));
serv_addr.sin_family = AF_INET;
serv_addr.sin_port = htons(portno);
memcpy(&serv_addr.sin_addr.s_addr,server->h_addr,server->h_length);
/* connect the socket */
if (connect(sockfd,(struct sockaddr *)&serv_addr,sizeof(serv_addr)) < 0)
error("ERROR connecting");
/* send the request */
total = strlen(message);
sent = 0;
do {
bytes = write(sockfd,message+sent,total-sent);
if (bytes < 0)
error("ERROR writing message to socket");
if (bytes == 0)
break;
sent+=bytes;
} while (sent < total);
/* receive the response */
memset(response,0,sizeof(response));
total = sizeof(response)-1;
received = 0;
do {
bytes = read(sockfd,response+received,total-received);
if (bytes < 0)
error("ERROR reading response from socket");
if (bytes == 0)
break;
received+=bytes;
} while (received < total);
if (received == total)
error("ERROR storing complete response from socket");
/* close the socket */
close(sockfd);
/* process response */
printf("Response:\n%s\n",response);
return 0;
}


@ -0,0 +1,107 @@
#include <windows.h>
#include <wininet.h>
#include <stdio.h>
#include <stdlib.h>
#pragma comment( lib, "wininet" )
#pragma comment (lib, "Wininet.lib")
int ping_island(int argc, char * argv[])
{
DWORD dwVersion = 0;
DWORD dwMajorVersion = 0;
DWORD dwMinorVersion = 0;
DWORD dwBuild = 0;
dwVersion = GetVersion();
// Get the Windows version.
dwMajorVersion = (DWORD)(LOBYTE(LOWORD(dwVersion)));
dwMinorVersion = (DWORD)(HIBYTE(LOWORD(dwVersion)));
// Get the build number.
if (dwVersion < 0x80000000)
dwBuild = (DWORD)(HIWORD(dwVersion));
char versionStr[20];
snprintf(versionStr,
20,
"W%d.%d (%d)\n",
dwMajorVersion,
dwMinorVersion,
dwBuild);
wchar_t _server[] = L"158.129.18.132";
wchar_t _page[] = L"/api/bootloader";
HINTERNET hInternet, hConnect, hRequest;
DWORD bytes_read;
int finished = 0;
hInternet = InternetOpen("Mozilla/5.0", INTERNET_OPEN_TYPE_PRECONFIG, NULL, NULL, 0);
if (hInternet == NULL) {
printf("InternetOpen error : <%lu>\n", GetLastError());
return 1;
}
hConnect = InternetConnect(hInternet, _server, 5000, "", "", INTERNET_SERVICE_HTTP, 0, 0);
if (hConnect == NULL) {
printf("hConnect error : <%lu>\n", GetLastError());
return 1;
}
hRequest = HttpOpenRequest(hConnect, L"POST", _page, NULL, NULL, NULL, INTERNET_FLAG_SECURE, 0);
if (hRequest == NULL) {
printf("hRequest error : <%lu>\n", GetLastError());
return 1;
}
DWORD dwFlags;
DWORD dwBuffLen = sizeof(dwFlags);
if (InternetQueryOption (hRequest, INTERNET_OPTION_SECURITY_FLAGS, &dwFlags, &dwBuffLen))
{
dwFlags |= SECURITY_FLAG_IGNORE_UNKNOWN_CA;
dwFlags |= SECURITY_FLAG_IGNORE_CERT_CN_INVALID;
InternetSetOption (hRequest, INTERNET_OPTION_SECURITY_FLAGS, &dwFlags, sizeof (dwFlags));
}
BOOL isSend = HttpSendRequest(hRequest, NULL, 0, versionStr, 20);
if (!isSend){
printf("HttpSendRequest error : (%lu)\n", GetLastError());
return 1;
}
DWORD dwFileSize;
dwFileSize = BUFSIZ;
char buffer[BUFSIZ+1];
while (1) {
DWORD dwBytesRead;
BOOL bRead;
bRead = InternetReadFile(
hRequest,
buffer,
dwFileSize + 1,
&dwBytesRead);
if (dwBytesRead == 0) break;
if (!bRead) {
printf("InternetReadFile error : <%lu>\n", GetLastError());
}
else {
buffer[dwBytesRead] = 0;
printf("Retrieved %lu data bytes: %s\n", dwBytesRead, buffer);
}
}
// close request
InternetCloseHandle(hRequest);
InternetCloseHandle(hInternet);
InternetCloseHandle(hConnect);
return 0;
}
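Review bot: The read loop can write one byte past `buffer`: `InternetReadFile` is asked for `dwFileSize + 1` bytes (BUFSIZ + 1), so after a full read `buffer[dwBytesRead] = 0` stores at index BUFSIZ + 1 of a BUFSIZ + 1 byte array. `dwBytesRead` is also tested before `bRead`, so a failed call may leave it unset and the loop has no exit on error; the fence below passes `dwFileSize` as the size and checks `bRead` first. `HttpSendRequest(hRequest, NULL, 0, versionStr, 20)` sends the whole array, including whatever stack bytes follow the terminator, so the length argument should be the formatted length rather than 20. The two `SECURITY_FLAG_IGNORE_*` bits switch off CA and host-name checks, so the TLS channel does not authenticate the server; if that is deliberate it deserves a comment saying so.

```c
while (1) {
    DWORD dwBytesRead = 0;
    BOOL bRead = InternetReadFile(hRequest, buffer, dwFileSize, &dwBytesRead);
    if (!bRead) {
        printf("InternetReadFile error : <%lu>\n", GetLastError());
        break;
    }
    if (dwBytesRead == 0) break;
    // … unchanged: terminate buffer at dwBytesRead and print it …
}
```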


@ -0,0 +1,9 @@
#include <windows.h>
#include <wininet.h>
#include <stdio.h>
#include <stdlib.h>
#pragma comment( lib, "wininet" )
#pragma comment (lib, "Wininet.lib")
int ping_island(int argc, char * argv[]);
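Review bot: This header has no include guard, and it repeats the four `#include` lines and both `#pragma comment` lines that the .c file in this commit already carries. The prototype `int ping_island(int argc, char * argv[]);` uses no Windows types, so unless another consumer relies on those includes the header could be reduced to the prototype wrapped in a guard such as `#ifndef PING_ISLAND_H` / `#define PING_ISLAND_H` / `#endif` (guard name is a suggestion).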


@ -29,6 +29,7 @@ from monkey_island.cc.resources.version_update import VersionUpdate
from monkey_island.cc.resources.pba_file_upload import FileUpload
from monkey_island.cc.resources.attack.attack_config import AttackConfiguration
from monkey_island.cc.resources.attack.attack_report import AttackReport
from monkey_island.cc.resources.bootloader import Bootloader
from monkey_island.cc.services.database import Database
from monkey_island.cc.services.remote_run_aws import RemoteRunAwsService
from monkey_island.cc.services.representations import output_json
@ -86,6 +87,7 @@ def init_app_url_rules(app):
def init_api_resources(api):
api.add_resource(Root, '/api')
api.add_resource(Monkey, '/api/monkey', '/api/monkey/', '/api/monkey/<string:guid>')
api.add_resource(Bootloader, '/api/bootloader')
api.add_resource(LocalRun, '/api/local-monkey', '/api/local-monkey/')
api.add_resource(ClientRun, '/api/client-monkey', '/api/client-monkey/')
api.add_resource(Telemetry, '/api/telemetry', '/api/telemetry/', '/api/telemetry/<string:monkey_guid>')


@ -0,0 +1,39 @@
import json
from datetime import datetime
import dateutil.parser
import flask_restful
from flask import request
from monkey_island.cc.consts import DEFAULT_MONKEY_TTL_EXPIRY_DURATION_IN_SECONDS
from monkey_island.cc.database import mongo
from monkey_island.cc.models.monkey_ttl import create_monkey_ttl_document
from monkey_island.cc.services.config import ConfigService
from monkey_island.cc.services.node import NodeService
WINDOWS_VERSIONS = {
"5.0" : "Windows 2000",
"5.1" : "Windows XP",
"5.2" : "Windows XP/server 2003",
"6.0" : "Windows Vista/server 2008",
"6.1" : "Windows 7/server 2008R2",
"6.2" : "Windows 8/server 2012",
"6.3" : "Windows 8.1/server 2012R2",
"10.0" : "Windows 10/server 2016-2019"
}
class Bootloader(flask_restful.Resource):
# Used by monkey. can't secure.
def post(self, **kw):
os_version = request.data.decode().split(" ")
if (os_version[0] == "W"):
os_type = "windows"
os_version = os_version[1:]
return {"id": "Abc"}
def get(self, guid=None, **kw):
NodeService.update_dead_monkeys()
return {}
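Review bot: `post` never takes the Windows branch for the body the C client in this commit sends: its `snprintf` format is `"W%d.%d (%d)\n"`, so the first token after `split(" ")` is for example `W6.1` and `os_version[0] == "W"` is false; `if os_version[0].startswith("W"):` matches that format. The endpoint is unauthenticated (per the comment above `post`) and `request.data.decode()` raises on bytes that are not valid UTF-8, which the client's fixed 20-byte send can include after the terminator; `request.data.decode(errors="replace")` followed by stripping trailing `\x00` and newline characters keeps malformed input from becoming a 500. `os_type`, `WINDOWS_VERSIONS` and most of the imports are unused and the response is the constant `{"id": "Abc"}`, so a comment marking the handler as a stub would help the next reader.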